WootCloud Labs Announces Research Initiative to Identify IoT Vulnerabilities, Prevent Attacks


In a recent announcement, WootCloud, an IoT cybersecurity company, officially made public a new global research initiative to help the OpenSource and the IoT community identify IoT cybersecurity vulnerabilities.

As part of this initiative, WootCloud Labs, the research division of WootCloud, will reportedly use Artificial Intelligence, Machine Learning and Neural Network technology to conduct highly detailed research and analysis to identify IoT (Internet of Things) threats that have historically gone undetected. WootCloud Labs said it is committed to working with IoT organizations and companies, via responsible disclosure, to alert the wider IoT community of these vulnerabilities with the goal of preventing attacks.

With a mission to help enterprises and security firms get ahead of and detect new threats that exist in the rapidly expanding IoT ecosystem, WootCloud Labs has identified and ethically disclosed numerous new threats over the past year. These include:

  • The presence of three new botnet families on Polycom HDX systems, both mimicking the behavior of the Mirai botnet. The malware families are a version of the Bushido and Hades Bots. WootCloud Labs detected the infections in the Asia region. A number of Polycom devices were found to be running the discovered bots, which performed brute-force and password cracking operations from the device via the telnet interface. APIs supported by Polycom devices are abused by the attackers for performing unauthorized operations on the device.
  • The OMNI botnet, which harnesses the power of open open-source software packages such as “BusyBox,” WGet” and others that shipped with the embedded firmware of the Polycom devices. OMNI bypasses the various authentication mechanisms and enables a complete takeover of the target device. It also enables the attackers to launch brute-force attacks and DDoS attacks and allow conferencing systems to act as proxy devices for routing malicious communications such as Command and Control (C&C).
  • More than 200,000 Cisco routers running with exposed web administrative panels. Exposed routers could become potential targets for malware authors to compromise these devices and use the same for forming botnets. Compromised routers can be used for building botnets to trigger unauthorized operations such as launching brute-force attacks, bitcoin mining, building hidden proxy tunnels, and many others. WootCloud Labs’ research reflected the risk of allowing administrative web consoles to be exposed on the Internet, as they can be accessible by remote users without any restriction.

“With so many smart devices available in the wild, device sprawl is rampant and creates an environment that is becoming more and more inviting for attackers,” said Srinivas Akella, founder and CTO, WootCloud. “At WootCloud Labs our goal is to deliver actionable insights to the IoT community, empowering businesses with the information they need to get ahead and stay ahead of a wide range of vulnerabilities, exposures and exploits. We are looking forward to continuing to collaborate with organizations to deliver research and analysis around a wide variety of impending threats.”

The IoT Evolution Expo, and collocated events, IoT Evolution Health, LPWAN Expo, The Smart City Event, and IIoT Conference, will take place Jan. 29 to Feb 1 in Ft. Lauderdale, Florida. Visit to register now.

Edited by Ken Briodagh

Editorial Director

Related Articles

Kerlink Powering IoT Radon-Monitoring System on Mount Etna

By: Ken Briodagh    2/27/2020

In a great case study of the broad applications of LoRaWAN IoT connectivity, Kerlink's Wirnet gateway is powering a radon-sensing project on Europe's …

Read More

GlobalSign and Infineon Join Forces to Strengthen IoT Trustworthiness

By: Ken Briodagh    2/26/2020

Cross-signed endorsement certificates for Trusted Platform Modules (TPM) enable system integrators and solution operators to securely enroll devices w…

Read More

Lighting Up The Utility Industry at the Intersection of IoT & CX

By: Arti Loftus    2/26/2020

Utilities have an extraordinary opportunity to develop and utilize customer information, and with the evolution of cloud and big data analytics, are p…

Read More

It's Time to Take Action to Improve Air Quality in Schools

By: Special Guest    2/24/2020

The presence of particular pollutants-including carbon monoxide, particulate matter (dust), VOCs, humidity, radon, and more-can be detected using Inte…

Read More

RAN Research arm of Rethink Outlines 5G Market in New Report

By: Ken Briodagh    2/21/2020

A new report from the RAN Research arm of analyst firm Rethink Technology Research has taken a deep look at the landscape of 5G networking.

Read More